lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 20 Feb 2019 16:42:47 +0100
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Eric Biggers <ebiggers3@...il.com>
Cc:     Roland Dreier <roland@...estorage.com>, linux-rdma@...r.kernel.org,
        Doug Ledford <dledford@...hat.com>,
        Jason Gunthorpe <jgg@...pe.ca>, rds-devel@....oracle.com,
        syzbot <syzbot+db1c219466daac1083df@...kaller.appspotmail.com>,
        LKML <linux-kernel@...r.kernel.org>,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>
Subject: Re: KASAN: use-after-free Read in __list_add_valid (5)

On Thu, Jul 5, 2018 at 1:26 AM Eric Biggers <ebiggers3@...il.com> wrote:
>
> On Tue, May 15, 2018 at 01:49:23PM -0700, Roland Dreier wrote:
> > > Still reproducible on Linus' tree (commit 66e1c94db3cd4e) and on linux-next
> > > (next-20180511).  Here's a simplified reproducer:
> >
> > Thanks!  That's a fantastic test case.
> >
> > The issue is a race where rdma_listen() sees invalid state in the
> > middle of an rdma_bind_addr() call that will ultimately fail.  I'll
> > send a proposed patch shortly.
> >
> >  - R.
>
> Ping; there's still no fix merged for this.  The reproducer also works as an
> unprivileged user.

I don't see any patch similar to the tested one being merged. But this
stopped happening, so let's do:

#syz fix: ucma: fix a use-after-free in ucma_resolve_ip()

Powered by blists - more mailing lists